Bugtraq mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Fwd: Any user can panic OpenBSD machine

From: cope () star enet dec com (Joshua Cope)
Date: Tue, 28 Jul 1998 12:54:30 -0400

deraadt () CVS OPENBSD ORG wrote:


However, this bug does not by itself provide anyone with a way to gain
elevated priviledges and greater control of the system.  That is what
most of us normally call an 'exploit', or has the lingo changed
recently?


If you consider denial-of-service an attack, then I consider anon-privileged system crasher an exploit. However, I agree
you that no Bugtraq reader should be "appalled" or even
surprised when the occasional buffer overflow, improper
typecast, etc. is found that crashes a system. (Heck, one even
shows up in good old OpenVMS now and then!)


Also, please see
        www.openbsd.org/security.html

for information on other security fixes which are far more important,
yet strangely have not reached BUGTRAQ like this report did.


Bugtraq is for reporting new vulnerabilities, not rehashing those whichhave already been announced. In other words, you 
found 'em before
we did ;)

   Joshua Cope

------------------------------------------------------------
The above opinions and information not necessarily those of
Digital Equipment Corporation or Compaq.
------------------------------------------------------------
Previous By Date Next
Previous By Thread Next

Current thread: